1 Reply Latest reply on Aug 27, 2012 11:07 AM by 777104

    @RolesAllowed does not perform a nested membership check in LDAP

      Hi, I have a JEE6 application deployed on Glassfish server.
      I'm using a form based authentication using an LDAP realm in glassfish.

      I have the following problem, when I use @RolesAllowed("CUSTOMER_READ") annotation the check in LDAP is for direct membership matching not nested matching.
      If the CUSTOMER_READ group has the logged in user as member everything is fine,
      but if CUSTOMER_READ has a GROUP member B and B has the logged in user the authorization fails.

      Does anyone know how to perform nested membership matching with JEE6 annotations on Glassfish?

      Any comment will be helpful,